FTC Shutters Alleged Tech-Support Scam

A U.S. federal court has shut down what the Federal Trade Commission says was a fake tech-support firm that posed as Facebook and Microsoft and tricked consumers into paying up to $600 for bogus security tools.

The FTC complaint, filed in the U.S. District Court for the Northern District of New York, accuses Albany, N.Y.-based Pairsys - together with company officers Uttam Saha and Tiya Bhattacharya - of pressuring individuals into buying "bogus warranty programs and software that was freely available."

The typical selling price for these products allegedly ranged from $149 to $249, although people sometimes paid up to $600, says the FTC, which has accused the firm of amassing nearly $2.5 million in revenue since February 2012.

"The defendants behind Pairsys targeted seniors and other vulnerable populations, preying on their lack of computer knowledge to sell 'security' software and programs that had no value at all," says Jessica Rich, director of the FTC's Bureau of Consumer Protection. "We are pleased that the court has shut down the company for now, and we look forward to getting consumers' money back in their pockets."

Officials at Pairsys didn't immediately respond to a request for comment on the FTC's complaint.

Pairsys, on its corporate website, claims to offer "support for Windows, Linux and Macintosh operating system to consumers across the globe through its remotely-enabled services," and says it has 4,000 customers across Australia, Canada the United Kingdom and the United States.

Fake Facebook, Microsoft Support

The FTC alleges that the company's tech-support staff, operating from a call center in Calcutta, India, cold-called consumers and strong-armed them into buying products, all while pretending to be contacting them from legitimate companies, such as Facebook and Microsoft. Pairsys also purchased numerous online advertisements - and published phone numbers - that purported to lead to legitimate tech-support sites and call centers for numerous companies, but which instead led to Pairsys, the FTC says.

According to the FTC complaint, Pairsys tech-support staff would attempt to pressure consumers into giving them remote access to their PC, after which they would attempt to trick them into believing that innocuous files or error messages were related to virus infections that required immediate "repairs" - for a price.

A Facebook official says the company is not only aware of the FTC's complaint, but referred the case to the agency in the first place. "For Facebook, shutting down scams like these has always been an important part of keeping people and their information safe," Craig Clark, associate general counsel at Facebook, tells Information Security Media Group. "The FTC did a lot of great work on this case, and we were pleased to learn of the outcome."

The Accusations

The FTC's complaint against Pairsys and its two officers accuses them of violating both the FTC Act and the Telemarketing Sales Rule.

The two officers have agreed to a preliminary injunction, granted Oct. 9, that prohibits them and their employees from misrepresenting the company they work for, or discussing whether consumers have viruses or spyware on their computer, according to the FTC. As part of the injunction, the defendants' U.S. assets have also been frozen; they are required to disconnect all of their websites; and they've also agreed to not sell or transfer any customer information to another company.

Under the FTC Act, the agency has the power to file a complaint against businesses that it believes are engaging in unfair or deceptive trade practices. Likewise, the Telemarketing Sales Rule allows the agency to file court complaints against firms that it believes are engaging in deceptive or abusive telemarketing practices. On that front, the FTC says that Pairsys never paid the required fee to access the National Do Not Call Registry before contacting consumers, thus putting it in further violation of the rule.

The FTC also chose to seek a restraining order against Pairsys and the officers - which the court granted - to forestall the defendants removing assets from the United States. The agency alleges that the two officers already have transferred $900,000 in revenue to India, and the agency hopes to recover at least some of that money.

About the Author

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the Executive Editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, amongst other publications. He lives in Scotland.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;